Merge pull request #109002 from MicrosoftDocs/master

3/25 AM Publish

Author: huypub

.openpublishing.redirection.json

@@ -800,6 +800,11 @@
       "redirect_url": "/azure/machine-learning",
       "redirect_document_id": false
     },
+    {
+      "source_path": "articles/notebooks/use-machine-learning-services-jupyter-notebooks.md",
+      "redirect_url": "/azure/machine-learning/samples-notebooks",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/cognitive-services/QnAMaker/Tutorials/create-publish-query-in-portal.md",
       "redirect_url": "/azure/cognitive-services/QnAMaker/Quickstarts/create-publish-knowledge-base",
@@ -31855,11 +31860,6 @@
       "redirect_url": "/azure/security/fundamentals/abstract-serverless-platform-security",
       "redirect_document_id": true
     },
-    {
-      "source_path": "articles/security/azure-ad-choose-authn.md",
-      "redirect_url": "/azure/security/fundamentals/choose-ad-authn",
-      "redirect_document_id": true
-    },
     {
       "source_path": "articles/active-directory/authentication/howto-authentication-passwordless-enable.md",
       "redirect_url": "/azure/active-directory/authentication/concept-authentication-passwordless",
@@ -50358,6 +50358,11 @@
     {
       "source_path": "articles/cognitive-services/speech-service/quickstart-voice-assistant-java-jre.md",
       "redirect_url": "/azure/cognitive-services/speech-service/quickstarts/voice-assistants?pivots=programming-language-java&tabs=jre"
+    },
+	{
+      "source_path": "articles/security/fundamentals/choose-ad-authn.md",
+      "redirect_url": "/azure/active-directory/hybrid/choose-ad-authn",
+	  "redirect_document_id": true
     },
     {
       "source_path": "articles/cognitive-services/Speech-Service/quickstart-voice-assistant-csharp-uwp.md",

articles/active-directory/hybrid/TOC.yml

@@ -24,6 +24,8 @@
        href: cloud-governed-management-for-on-premises.md
      - name: Four steps to a strong identity foundation
        href: four-steps.md
+     - name: Choose a hybrid identity authentication method
+       href: choose-ad-authn.md
    - name: Azure AD Connect and Connect Health
      items:
      - name: What is Azure AD Connect and Connect Health?

articles/security/fundamentals/choose-ad-authn.md renamed to articles/active-directory/hybrid/choose-ad-authn.md

@@ -64,7 +64,7 @@ Azure AD Connect supports synchronization of the **preferredDataLocation** attri
 By default, **preferredDataLocation** is not enabled for synchronization. This feature is intended for larger organizations. The Active Directory schema in Windows Server 2019 has an attribute **msDS-preferredDataLocation** you should use for this purpose. If you have not updated the Active Directory schema and cannot do so, then you must identify an attribute to hold the Office 365 geo for your users. This is going to be different for each organization.
 
 > [!IMPORTANT]
-> Azure AD allows the **preferredDataLocation** attribute on **cloud User objects** to be directly configured by using Azure AD PowerShell. Azure AD no longer allows the **preferredDataLocation** attribute on **synchronized User objects** to be directly configured by using Azure AD PowerShell. To configure this attribute on **synchronized User objects**, you must use Azure AD Connect.
+> Azure AD allows the **preferredDataLocation** attribute on **cloud User objects** to be directly configured by using Azure AD PowerShell. To configure this attribute on **synchronized User objects**, you must use Azure AD Connect.
 
 Before enabling synchronization:
 

articles/active-directory/hybrid/how-to-connect-sync-feature-preferreddatalocation.md

@@ -74,7 +74,7 @@ When the status shows as registered, refresh the registration of the `Microsoft.
 az provider register --namespace Microsoft.ContainerService
 ```
 
-## Create an AKS cluster with Azure AD v1.0 enabled
+## Create an AKS cluster with Azure AD v2.0 enabled
 
 You can now create an AKS cluster by using the following CLI commands.
 
@@ -117,7 +117,7 @@ A successful creation of an Azure AD v2 cluster has the following section in the
 
 The cluster is created within a few minutes.
 
-## Accessing an Azure AD v1.0 enabled cluster
+## Accessing an Azure AD v2.0 enabled cluster
 To get the admin credentials to access the cluster:
 
 ```azurecli-interactive
@@ -140,7 +140,7 @@ To get the user credentials to access the cluster:
 kubectl get nodes
 ```
 
-To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code BYMK7UXVD to authenticate.  You receive an error:
+Follow the instructions to sign in.
 
 **error: You must be logged in to the server (Unauthorized)**
 

articles/security/fundamentals/media/choose-ad-authn/azure-ad-authn-image1.png renamed to articles/active-directory/hybrid/media/choose-ad-authn/azure-ad-authn-image1.png

@@ -1,6 +1,6 @@
 ---
-title: SSL policy overview for Azure Application Gateway
-description: Learn how to configure SSL policy for Azure Application Gateway and reduce encryption and decryption overhead from a back-end server farm.
+title: TLS policy overview for Azure Application Gateway
+description: Learn how to configure TLS policy for Azure Application Gateway and reduce encryption and decryption overhead from a back-end server farm.
 services: application gateway
 author: amsriva
 ms.service: application-gateway
@@ -9,15 +9,15 @@ ms.date: 11/16/2019
 ms.author: amsriva
 ---
 
-# Application Gateway SSL policy overview
+# Application Gateway TLS policy overview
 
-You can use Azure Application Gateway to centralize SSL certificate management and reduce encryption and decryption overhead from a back-end server farm. This centralized SSL handling also lets you specify a central SSL policy that's suited to your organizational security requirements. This helps you meet compliance requirements as well as security guidelines and recommended practices.
+You can use Azure Application Gateway to centralize TLS/SSL certificate management and reduce encryption and decryption overhead from a back-end server farm. This centralized TLS handling also lets you specify a central TLS policy that's suited to your organizational security requirements. This helps you meet compliance requirements as well as security guidelines and recommended practices.
 
-The SSL policy includes control of the SSL protocol version as well as the cipher suites and the order in which ciphers are used during an SSL handshake. Application Gateway offers two mechanisms for controlling SSL policy. You can use either  a predefined policy or a custom policy.
+The TLS policy includes control of the TLS protocol version as well as the cipher suites and the order in which ciphers are used during a TLS handshake. Application Gateway offers two mechanisms for controlling TLS policy. You can use either  a predefined policy or a custom policy.
 
-## Predefined SSL policy
+## Predefined TLS policy
 
-Application Gateway has three predefined security policies. You can configure your gateway with any of these policies to get the appropriate level of security. The policy names are annotated by the year and month in which they were configured. Each policy offers different SSL protocol versions and cipher suites. We recommend that you use the newest SSL policies to ensure the best SSL security.
+Application Gateway has three predefined security policies. You can configure your gateway with any of these policies to get the appropriate level of security. The policy names are annotated by the year and month in which they were configured. Each policy offers different TLS protocol versions and cipher suites. We recommend that you use the newest TLS policies to ensure the best TLS security.
 
 ### AppGwSslPolicy20150501
 
@@ -46,19 +46,19 @@ Application Gateway has three predefined security policies. You can configure yo
 |Default| False |
 |CipherSuites     |TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 <br>    TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 <br>    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA <br>TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA <br>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256<br>TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384<br>TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384<br>TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256<br>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA<br>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA<br>TLS_RSA_WITH_AES_256_GCM_SHA384<br>TLS_RSA_WITH_AES_128_GCM_SHA256<br>TLS_RSA_WITH_AES_256_CBC_SHA256<br>TLS_RSA_WITH_AES_128_CBC_SHA256<br>TLS_RSA_WITH_AES_256_CBC_SHA<br>TLS_RSA_WITH_AES_128_CBC_SHA<br> |
 
-## Custom SSL policy
+## Custom TLS policy
 
-If a predefined SSL policy needs to be configured for your requirements, you must define your own custom SSL policy. With a custom SSL policy, you have complete control over the minimum SSL protocol version to support, as well as the supported cipher suites and their priority order.
+If a predefined TLS policy needs to be configured for your requirements, you must define your own custom TLS policy. With a custom TLS policy, you have complete control over the minimum TLS protocol version to support, as well as the supported cipher suites and their priority order.
 
-### SSL protocol versions
+### TLS/SSL protocol versions
 
 * SSL 2.0 and 3.0 are disabled by default for all application gateways. These protocol versions are not configurable.
-* A custom SSL policy gives you the option to select any one of the following three protocols as the minimum SSL protocol version for your gateway: TLSv1_0, TLSv1_1, and TLSv1_2.
-* If no SSL policy is defined, all three protocols (TLSv1_0, TLSv1_1, and TLSv1_2) are enabled.
+* A custom TLS policy gives you the option to select any one of the following three protocols as the minimum TLS protocol version for your gateway: TLSv1_0, TLSv1_1, and TLSv1_2.
+* If no TLS policy is defined, all three protocols (TLSv1_0, TLSv1_1, and TLSv1_2) are enabled.
 
 ### Cipher suites
 
-Application Gateway supports the following cipher suites from which you can choose your custom policy. The ordering of the cipher suites determines the priority order during SSL negotiation.
+Application Gateway supports the following cipher suites from which you can choose your custom policy. The ordering of the cipher suites determines the priority order during TLS negotiation.
 
 
 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
@@ -91,7 +91,7 @@ Application Gateway supports the following cipher suites from which you can choo
 - TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
 
 > [!NOTE]
-> SSL cipher suites used for the connection are also based on the type of the certificate being used. In client to application gateway connections, the cipher suites used are based on the type of server certificates on the application gateway listener. In application gateway to backend pool connections, the cipher suites used are based on the type of server certificates on the backend pool servers.
+> TLS cipher suites used for the connection are also based on the type of the certificate being used. In client to application gateway connections, the cipher suites used are based on the type of server certificates on the application gateway listener. In application gateway to backend pool connections, the cipher suites used are based on the type of server certificates on the backend pool servers.
 
 ## Known issue
 Application Gateway v2 does not currently support the following ciphers:
@@ -106,4 +106,4 @@ Application Gateway v2 does not currently support the following ciphers:
 
 ## Next steps
 
-If you want to learn to configure an SSL policy, see [Configure SSL policy on an application gateway](application-gateway-configure-ssl-policy-powershell.md).
+If you want to learn to configure a TLS policy, see [Configure TLS policy versions and cipher suites on Application Gateway](application-gateway-configure-ssl-policy-powershell.md).